lithium\tests\cases\template\HelperTest::testDefaultEscaping PHP Method

HelperTest Class Documentation Datei anzeigen Open project: unionofrad/lithium

testDefaultEscaping() public method

Tests the default escaping for HTML output. When implementing helpers that do not output HTML/XML, the escape() method should be overridden accordingly.

public testDefaultEscaping ( )

    public function testDefaultEscaping()
    {
        $result = $this->helper->escape('<script>alert("XSS!");</script>');
        $expected = '&lt;script&gt;alert(&quot;XSS!&quot;);&lt;/script&gt;';
        $this->assertEqual($expected, $result);
        $result = $this->helper->escape('<script>//alert("XSS!");</script>', null, array('escape' => false));
        $expected = '<script>//alert("XSS!");</script>';
        $this->assertEqual($expected, $result);
        $result = $this->helper->escape(array('<script>alert("XSS!");</script>', '<script>alert("XSS!");</script>'));
        $expected = array('&lt;script&gt;alert(&quot;XSS!&quot;);&lt;/script&gt;', '&lt;script&gt;alert(&quot;XSS!&quot;);&lt;/script&gt;');
        $this->assertEqual($expected, $result);
    }

HelperTest

setUp

testAttributeEscaping

testAttributeMinimization

testAttributes

testDefaultEscaping

testInstantiationWithNoContext

testObjectConstructionWithParameters

testOptions

testRender

testUnescapedValue